Grails:Groovy:SSLPeerUnverifiedException: peer not authenticated - grails

I want to hit an xml request to a url while running the code in my local system it is working well i have created a war file and deployed the same in server,but while running in server getting an exception 'javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated'
i have used groovy http builder
def http = new HTTPBuilder(url)
http.auth.basic('username', 'password')
try {
http.request(Method.POST, ContentType.TEXT) {
req->
headers.accept = "application/xml"
body = request //xml request
response.success = {
resp,reader ->
Response = reader.text
}
}
}
catch(HttpResponseException ex) {
println ex;
}
how can i solve this problem in this case..?

Workaround: The following answer provides a workaround for this issue: https://stackoverflow.com/a/25076888/782034
Just found out that new version (0.7.1) of HttpBuilder introduces
method:
ignoreSSLIssues()
This solves all problems regarding invalid SSL certificates (of course
you have to be aware that it also decrease security).
More information about this method:
http://groovy.codehaus.org/modules/http-builder/doc/ssl.html (section
at the bottom)
i.e.
def http = new HTTPBuilder(url)
http.ignoreSSLIssues()
Solution: If you want to do things the 'proper' way, checkout the other solutions regarding importing the server's certificates. e.g. SSLPeerUnverifiedException: peer not authenticated

If you use ignoreSSLIssues() but still get same exception.
Just add latest httpclient into Gradle/Maven
compile 'org.apache.httpcomponents:httpclient:4.5.3'
Can't use ignoreSSLIssues in HttpBuilder version 0.7.1

Related

Cross origin for POST

I have a Jetty http server with some Jersey rest services. Those services are called from a React website that runs on a Node server.
Due to the cross origin nature of this setup, I had to add some HTTP headers. Basically, all my webservices return a createOkResult() which is created as follows.
#POST
#Path("orders/quickfilter")
#Consumes(MediaType.APPLICATION_JSON)
public Response getQuickFilterProductionOrders(String data)
{
...
return createOkResult(json.toString());
}
protected Response createOkResult(Object result)
{
return buildCrossOrigin(Response.ok().entity(result));
}
protected static Response buildCrossOrigin(Response.ResponseBuilder responseBuilder)
{
return responseBuilder.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT")
.allow("OPTIONS")
.build();
}
For the #GET webservices that works fine. But when I create an #POST service, I just can't get it working.
Webbrowsers (chrome and firefox) return these kind of errors:
Access to XMLHttpRequest at 'http://localhost:59187/rs/production/orders/quickfilter' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
So, at first sight I would be tempted to think that the headers are still missing. The thing is, when I test this service with a tool like Postman, then all headers turn out to be in place, and the service even returns the requested data.
This is a screenshot of a POST request.
From my front-end (which runs on the node server), I use the axios API, which uses promises, and my request looks like this:
const url = "http://localhost:59187/rs/production/orders/quickfilter";
const data = JSON.stringify(request);
const headers = { headers: { "Content-Type": "application/json" } };
const promise = axios.post(url, data, headers);
Right now I have a HTTP error 500, If I remove the content type header, I get an unsupported media exception. So, I have reasons to believe that the content type is ok.
Paul Samsotha pointed me in the right direction.
I ended up adding a filter to the ServletContextHandler. Unlike the linked article, I didn't really have to create that filter from scratch. There was an existing filter class that I could use: i.e. org.eclipse.jetty.servlets.CrossOriginFilter.
FilterHolder filterHolder = context.addFilter(CrossOriginFilter.class, "/*", EnumSet.allOf(DispatcherType.class));
filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,PUT,POST,DELETE,OPTIONS");
filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin");
filterHolder.setInitParameter(CrossOriginFilter.ALLOW_CREDENTIALS_PARAM, "true");
filterHolder.setInitParameter(CrossOriginFilter.CHAIN_PREFLIGHT_PARAM, "false");
Some of the above parameters can probably be left out, as they are default values. But what appeared to be crucial for me, was to set the CHAIN_PREFLIGHT_PARAM to false.
One nice side-effect, is that I can simplify the code of the actual services. They do not longer need to add special headers, by contrast they can now just return Response.ok().entity(result).build();.

Grails Rest Client Builder POST Return Error/Exception

I've been working with the grails plugin: 'grails-rest-client-builder:2.0.1'
https://github.com/grails-plugins/grails-rest-client-builder/
I'm experiencing an odd issue when I POST some data to a web service, a 500 Exception, even though the POST indeed is working successfully.
Class
java.lang.NoClassDefFoundError
Message
org/springframework/util/StreamUtils
Around line 195 of PageFragmentCachingFilter.java
if (CollectionUtils.isEmpty(cacheOperations)) {
log.debug("No cacheable annotation found for {}:{} {}"
new Object[] { request.getMethod(), request.getRequestURI(), getContext() });
chain.doFilter(request, response);
return;
}
The response that is coming back from the web service should look like this:
{"id":"9999","key":"IX-2247","self":"https://jira.xxxx.com/rest/api/latest/issue/9999"}
Again, the web service is correctly getting the values that I pass into it, and I verified this by checking the application that I'm posting to and I do see what I expect. Not only that, but I also receive an email from the system that I am POSTing to, and the email contains the correct values from the Grails application.
Here's the POST that I'm using:
def rest = new grails.plugins.rest.client.RestBuilder()
def resp = rest.post("https://jira.xxxx.com/rest/api/latest/issue/"){
auth "Basic xxxx"
contentType "application/json"
json builder.toPrettyString()
}
My hypothesis is that perhaps the issue is that the rest-client-builder is having some kind of issue with the response that is being returned from the web service.
Has anyone encountered anything like this before, where the service is working, but Grails throws a 500 error, even on a successful POST?
Please let me know if I need to provide additional information.
Thanks in advance!
Thank you all for the replies. I ended up upgrading my Grails application to 2.3.5, from 2.2.3 and now the code (above) works perfectly. The 500 error disappeared completely.

The Http of FSharp.Data and proxy server

I'm creating a program to download web pages using the Http module of FSharp.Data. However, the module doesn't support setting http proxy server. In C# there is
_httpWebRequest.Proxy =
new System.Net.WebProxy("http://proxy.myCompany.com:80", true);
I tried to download the file from https://github.com/fsharp/FSharp.Data/blob/master/src/Library/Http.fs and use it directly in my F# project. However, the type of response changed from string to HttpResponse after I call the Http.Request from the downloaded file.
let response =
Http.Request (
url,
query=["userid", user; "password", password; "login", "Sign+On"],
meth="POST",
cookieContainer = cc)
What's the best way to extend the Http module with proxy support?
In FSharp.Data 2.0, you can pass the parameter customizeHttpRequest of type HttpWebRequest->HttpWebRequest to set the proxy like this:
Http.Request (
url,
query=["userid", user; "password", password; "login", "Sign+On"],
meth="POST",
cookieContainer = cc,
customizeHttpRequest = (fun req -> req.Proxy <- WebProxy("http://proxy.myCompany.com:80", true); req))
In the new version (upcoming release), we are renaming the current Http.Request to Http.RequestString and the current Http.RequestDetailed to Http.Request. This is a breaking change, but we thing it makes much more sense (and fits better with standard .NET naming). If you just want to copy the old file, you can always get the older version of the code from the appropriate branch on GitHub (e.g. Http.fs # tag v1.1.10).
However, I think that supporting HTTP proxies would be a great addition to the library. So the best thing to do would be to fork the project to your GitHub, add the feature and submit a pull request! I think that just adding an optional ?proxy parameter to the two methods and propagating the information to the underlying HttpWebRequestwould be the best way to do this.
The only tricky thing is that Http.Request should work on multiple versions of .NET (including Windows Phone, Silverlight, etc.) so you may need to check which of them actually support specifying the proxy.
If you do not have the time for helping out, then please submit a GitHub issue.
Have you tried overriding the proxy globally with WebRequest.DefaultWebProxy = new System.Net.WebProxy("http://proxy.myCompany.com:80", true)?

GroovyWS WSClient Preemptive Basic authentication

I cannot set preemptive authentication in groovyws. (ws provider required preemptive authentication.)
I try to find out in groovyws document but no clue.
import groovyx.net.ws.WSClient
//def proxy = new WSClient("http://202.44.4.97/webservice/pttinfo.asmx?wsdl", this.class.classLoader)
def proxy = new WSClient("http://192.168.3.69/provider/myService", this.class.classLoader)
proxy.setBasicAuthentication('user', 'pass')
proxy.initialize()
below is an error.
Caused by: java.io.IOException: Server returned HTTP response code: 405 for URL: http://192.168.3.69/provider/myService
Have you tried groovy-wslite? It says in the documentation for GroovyWS that:
Due to low availability the project is currently dormant, you might consider groovy-wslite as a replacement module
So afaics, this should get close (I'm assuming you're using SOAP):
import wslite.soap.*
def client = new SOAPClient('http://192.168.3.69/provider/myService')
client.authorization = new HTTPBasicAuthorization( 'user', 'pass' )
There are instructions for getting wslite working with Grails here.

Grails Mail plugin not working

I am trying to send mails from a Grails application, but without any success.
I've used gmail and other smtp server (without ssl!) but the same error occurs:
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Exception reading response;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?. Failed messages: javax.mail.MessagingException: Exception reading response;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?; message exceptions (1) are:
Failed message 1: javax.mail.MessagingException: Exception reading response;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
I am using in Config.groovy (example for gmail):
grails.mail.host = "smtp.gmail.com"
grails.mail.from = "xxx#gmail.com"
grails.mail.port = "465"
grails.mail.ssl = "on"
grails.mail.username = "xxx#gmail.com"
grails.mail.password = "xxx"
grails.mail.props = ["mail.smtp.auth": "true",
"mail.smtp.socketFactory.port": "465",
"mail.smtp.socketFactory.class": "javax.net.ssl.SSLSocketFactory",
"mail.smtp.socketFactory.fallback": "false",
"mail.smtp.starttls.enable": "true",
"mail.debug": "true"]
EDIT: I made a simple app with just the mail plugin and a controller and the config posted by Javid Jamae works (3rd answer, also I think the other should work).
BUT even if I just copy-paste the same config and the same sending mail code, on my primary project it still gives me the same exception! I think this can be caused by Nimble plugin (Mail plugin was installed by it).
My configuration is:
Grails version: 1.3.4
Groovy version: 1.7.4
JVM version: 1.6.0_21
jquery - 1.4.2.5
mail - 0.9
shiro - 1.0.1
nimble - 0.4-SNAPSHOT
FINAL EDIT :
I resolved the issue: it seems that I have to use the same settings in the Nimble plugin also, in NimbleConfig.groovy -> mail { ... (must have "from = ...") } .
Stupid issue, but waisted a lot of time on it.
I'm not using SSL and I have the following defined at the bottom of my Config.groovy (not under the environments section):
grails {
mail {
host = "smtp.gmail.com"
port = 465
username = "xxx#gmail.com"
password = "xxx"
props = ["mail.smtp.auth":"true",
"mail.smtp.socketFactory.port":"465",
"mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory",
"mail.smtp.socketFactory.fallback":"false"]
}
}
I'm using:
app.grails.version=1.2.1
plugins.mail=0.9
This works for me.
You have enabled SSL:
grails.mail.ssl = "on"
And got exception
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?.
So disable SSL (my config):
host = "smtp.gmail.com"
port = 465
username = "username#gmail.com"
password = "password"
javaMailProperties = ['mail.smtp.auth': 'true',
'mail.smtp.socketFactory.port': '465',
'mail.smtp.socketFactory.class': 'javax.net.ssl.SSLSocketFactory',
'mail.smtp.socketFactory.fallback': 'false']
Anyway, if you want to enable SSL - try 587 port.
Also try to set
mail.smtp.starttls.required : 'true'
Because if server not supports secure connection or client doesn't accept server's certificate secure connection will not started and you will got your exception.
But after setting starttls.required = true and secure connection is impossible whole connection will fails so you got proper exception message.
P.S. Take a note that SSL and TLS - is different protocols.
I dont have this line in my configuration
"mail.smtp.starttls.enable": "true"
and my connection is working
also the port should not be in quotes
grails.mail.port = 465
I ran into a similar strain of this issue as well, so I'll share my experience. When using the Nimble plugin (which uses the Mail plugin as a dependency), Nimble defines its own mail settings in grails-app/conf/NimbleConfig.groovy.
The settings in NimbleConfig.groovy appear to overwrite those set in Config.groovy (presumably because NimbleConfig is executed after Config).
The solution here is conditional:
If you're using Nimble, set the mail properties in grails-app/conf/NimbleConfig.groovy; you do not need to set them in grails-app/conf/Config.groovy
If you're not using Nimble, then just follow the Mail plugin instructions for configuration (or use Javid Jamae's answer)
This seems to be what the OP alluded to in his/her edits, but I just thought I'd confirm the edits with my understanding of what's happening.
Update:
For a reference, here are the NimbleConfig.groovy settings that worked for me:
nimble {
...
messaging {
...
mail {
host = 'smtp.gmail.com'
port = 465
username = '...#gmail.com'
password = '...'
props = [
'mail.smtp.auth': 'true',
'mail.smtp.socketFactory.port': '465',
'mail.smtp.socketFactory.class': 'javax.net.ssl.SSLSocketFactory',
'mail.smtp.socketFactory.fallback': 'false'
]
}
}
}
You can verify your config settings at runtime by checking the
mailService.mailSender properties.Something like this:
mailService.mailSender.properties.each{println}
It will yield the host, port, username, password and a few other values.
If you're sure they are all correct, I would suspect a firewall issue.

Resources